In February of this year, criminals gained access to ChoicePoint’s massive database of consumer information, gaining the personal identity details on 145,000 people. Thieves used previously stolen identities to create what appeared to be legitimate businesses seeking ChoicePoint accounts, opening 50 accounts and receiving volumes of data on consumers, including names, addresses, Social Security numbers and credit reports.
In March of this year, the personal information for 600,000 current and former Time Warner employees was lost, potentially setting the stage for one of the largest cases yet of identity theft.
In June of this year, a cyber attack on CardSystems, a processor of credit card payments, led to the theft of an unprecedented amount of personal information, believed to be the largest data security breach to date. MasterCard International said information on more than 40 million of its credit cards may have been stolen. Some 20 million Visa-branded cards may have been affected and the remaining accounts comprised other brands, including American Express and Discover.
“Data loss and identity theft doesn’t just happen at the individual level,” added Sadd. “Unscrupulous criminals are also targeting groups. Bank of America lost computer tapes containing credit card information that exposes some of the most powerful men and women in the US to identity theft — or
worse. The tapes contain the personal financial information, Social Security numbers, home addresses and phone numbers of more than 60 U.S. senators as well as employees of more than two dozen federal agencies, including the three main military branches, NASA, the Department of Energy
and the Department of Justice.”
The UK Data Protection Act which provides individuals with certain rights over their personal data including the right to view, correct, update and, in certain cases, delete information held about them. However, realistically, few of us have a clue where this data is held so exercising our rights is impractical if not impossible. More so when you start adding up how many separate organisations have collected such data. In addition to government departments, think of all of the forms you have filled in during the past year, the questionnaires, the credit, loyalty and membership cards you have in your wallet. Every one represents a huge database in which you are an entry. And these are only the ones that you know about. There are also disreputable firms who ‘trade’ such data which is why individuals end up receiving junk mail and spam from organizations that they have never heard of.
“I believe a brand backlash against irresponsible companies is inevitable,” added Sadd. “Customers will be looking at the way suppliers address security and respect personal data in the future and, as the evidence of abuse and the financial consequences become more understood then this will become a key decision factor in choice of suppliers. This could significantly change the competitive landscape and we are already seeing companies using security as a brand differentiator.”
PAOGA believes that the legal responsibility for a person’s data should be devolved back to the individual through the use of Personal Data Vaults. Personal Data Vaults shift the ownership, management and control of individual data from internal company databases and CRM systems back to the individual. Personal Data Vaults provide one very private and highly secure site where individuals can keep all of their information, currently on innumerable databases, files, vaults and shoeboxes, which can be accessed, updated or deleted from anywhere at any time and communicated to anyone on a permissions only basis. Individuals are able to compile a complete record of all of their interactions across firms in each industry, as well as supplementing this data with their updated personal details, current preferences and plans for future purchases as they change over time.
“Individuals can then grant access to their data to trusted third parties on a permissions only basis, such as GPs, solicitors and employers, acting as ‘Data Guardians,’ but not actually having the legal responsibility for maintaining the data,” added Sadd. “The individual retains control, management and ultimately the access of their own data. Typically, fifty percent of an organisation’s HR resources are spent collecting, storing and protecting data it doesn’t own, which is simply financially inefficient and an unnecessary overhead. These costs, combined with the tidal wave of EU and UK legislation require a collaborative process to facilitate data compliance in both the public and private sectors.”
In October 2004, the UK Government’s Better Regulation Task Force revealed that red tape is costing British businesses more than 100 billion per annum and compliance is now one of the fastest growing industries in Britain with some experts suggesting it employs 40,000 people.
PAOGA uses the ubiquity of the Internet to give individuals total control over their personal data. By giving access, control and responsibility of personal data back to the individual, PAOGA reduces and automates unnecessary bureaucracy, automatically compiling a complete record of all interactions with various organisations, as well as the ability for individuals to supplement this data with their own preferences and plans.
About PAOGA Ltd
Founded in 2002, PAOGA Ltd provides the global technology platform that enables Web Service Operators to deliver secure Personal Data Vaults for an individual’s data. PAOGA’s core asset is the PAOGAplatform which is an IT architecture and infrastructure. The company licenses access to the platform to Web Services Operators who are building applications for specific horizontal and vertical markets marketed directly to end users. PAOGA plans to become the trusted global repository for personal data, and is currently working with a number of Web Services Operators in the areas of Property, Project Management and Recruitment. www.paoga.com